package com.example.shiro2.common.config.shiro;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class ShiroRealm extends AuthorizingRealm{

    /**
          * 授权逻辑
          */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
        System.out.println("执行授权逻辑");
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addRole("admin");
        return authorizationInfo;//shiro底层会抛出UnknownAccountException

    }


    /**
          * 认证逻辑
          */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
        System.out.println("执行认证逻辑");
        String dbusername="admin";
        String dbpassword="123456";


//1. 判断用户名
        UsernamePasswordToken token=(UsernamePasswordToken) arg0;
        if (!token.getUsername().equals(dbusername)) {
            //用户名不存在
            return null;//shiro底层会抛出UnknownAccountException
        }
        return new SimpleAuthenticationInfo("",dbpassword,"");//参数1：需要返回给login方法的数据；参数2：数据库密码，shiro会自动判断;

    }

}